Business Email Compromise - a common cyber threat explained
Business Email Compromise (BEC) is a growing, common cyber threat to every business that uses email. Because organisations depend on email as their main form of communication, it is an easy target for cybercriminals, and it can affect organisations of any size.
It’s exceptionally easy to fall prey to BEC. Cybercriminals use phishing or malware approaches to access legitimate email accounts, which they then use to dupe email recipients, who believe that the communication they receive is from a known source.
By using compromised email credentials or a hijacked legitimate email address, they can persuade the recipient to act. This may be for financial gain, by requesting that payments be made into a bank account controlled by the criminal, or to acquire sensitive information or data, which the recipient is likely to share willingly because the request appears to come from a trusted source.
A report by Beazley PLC highlighted that a staggering 90% of data breaches occurring in the UK in 2019 were caused by human error! This means that most incidents that occur in a business setting are the result of actions inadvertently taken by employees.
Here are four facts about Business Email Compromise and how it can impact your business:
It only takes one attack
Just one compromised email account is all that the cybercriminal needs. They can use this to tailor the next attack, to trick even more people within an organisation to give up credentials. This means that just one successful attack can cause a cascade effect through your business.
They can intercept your existing conversations
This is a scary concept! Cybercriminals are becoming increasingly sophisticated and, once inside a mailbox, can identify existing conversations about forthcoming payments. This means they can tailor an attack to request a change in money transfer details, so that funds are redirected to their own accounts.
On a positive note – there are some – the banks are now able to freeze and return funds, provided they are contacted within 24 – 48 hours by the compromised organisation.
They can access other applications
Email is just the start of the cyber journey for the active cybercriminal. An attack on your email software can leave you open to the infiltration of other systems such as payroll/HR. Access to this area could allow them to redirect wages and payments into their own accounts.
It's more than just financial compromise
BEC gives the cybercriminal more than access to potential financial gains. Attackers will be able to access sensitive information which they can sell on for further financial gain. This information can include log-in details, personal details and financial data.
Be prepared for Business Email Compromise
Whilst you have little control over what’s happening externally with BEC, there are some steps that you can take to help prevent this cyberattack impacting your business.
The five top tips below will help you to prevent Business Email Compromise:
1 Multi-Factor Authentication
Introduce multi-factor authentication into your systems. This is an authentication method that requires a user to provide two or more verification factors in order to gain access to a resource such as an application or online account.
MFA protects the user, and therefore your business, from an unknown person trying to access data such as personal information or financial details: a stolen password alone is no longer enough to get into the account.
In addition to this, you could also create a mail rule for all new emails that come into the business from external sources. With this in place, every external email would be clearly marked, acting as an additional prompt for the recipient to check that it is legitimate before acting on it.
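The tagging rule described above can be implemented in any mail gateway or filter; the following is an added example in Python, not code from the original article, that shows the idea on two constructed messages. The organisation's domains, the staff names and both sample emails are assumptions made up for the illustration. It goes slightly beyond the tip itself by also flagging two common BEC tell-tales that a tagging rule can surface at the same time: an external address carrying the display name of a colleague, and a Reply-To header pointing at a different domain from the sender.

```python
"""Tag inbound email from outside the organisation and flag common BEC
tell-tales. Added example: the domains, names and messages below are
constructed, not taken from any real organisation."""
from email import message_from_string, policy
from email.utils import parseaddr

INTERNAL_DOMAINS = {"example.co.uk"}          # assumed: your own mail domains
STAFF_NAMES = {"jane smith", "finance team"}  # assumed: names attackers may impersonate
EXTERNAL_TAG = "[EXTERNAL] "


def _addr_parts(header_value):
    """Return (lower-cased display name, lower-cased domain) of a From/Reply-To header."""
    name, addr = parseaddr(header_value or "")
    domain = addr.rpartition("@")[2].lower()
    return name.strip().lower(), domain


def analyse(raw_message):
    """Parse one RFC 5322 message and return (tagged subject, list of warnings).

    The subject is prefixed with EXTERNAL_TAG when the sender's domain is not
    one of INTERNAL_DOMAINS; the warnings list the BEC indicators found.
    """
    msg = message_from_string(raw_message, policy=policy.default)
    subject = str(msg.get("Subject", ""))
    name, from_domain = _addr_parts(msg.get("From"))
    warnings = []

    external = from_domain not in INTERNAL_DOMAINS
    if external and not subject.startswith(EXTERNAL_TAG):
        subject = EXTERNAL_TAG + subject

    # A colleague's display name on an external address is classic impersonation.
    if external and name in STAFF_NAMES:
        warnings.append("display name impersonates staff: %r from %s" % (name, from_domain))

    # A Reply-To on another domain means replies (and any bank details sent
    # back) go to a mailbox the apparent sender does not control.
    _, reply_domain = _addr_parts(msg.get("Reply-To"))
    if reply_domain and reply_domain != from_domain:
        warnings.append("Reply-To domain %s differs from From domain %s" % (reply_domain, from_domain))

    return subject, warnings


# Constructed sample messages for the demonstration.
INTERNAL_MAIL = """From: Jane Smith <jane.smith@example.co.uk>
To: accounts@example.co.uk
Subject: Invoice run this week

Nothing unusual here.
"""

SUSPECT_MAIL = """From: Jane Smith <jane.smith@example.com>
Reply-To: payments@example.net
To: accounts@example.co.uk
Subject: Re: Supplier bank details update

Please use the new account for this week's payment.
"""

if __name__ == "__main__":
    for raw in (INTERNAL_MAIL, SUSPECT_MAIL):
        tagged, found = analyse(raw)
        print(tagged)
        for warning in found:
            print("  WARNING:", warning)
```

Run as a script it prints the internal subject unchanged and the suspect subject with the `[EXTERNAL]` prefix followed by two warnings. In practice the same two checks are available as built-in rules in most mail platforms; the value of the tag is that the recipient sees it on every external message, including ones that pass every automated check.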
2 Staff training
Carry out staff training on how to detect and avoid phishing emails. The Barnes Risk Management Hub has online learning resources that you can utilise for this purpose, which is a free service for our clients. Find out more about risk management here.
3 Reinforce fund transfer/payment procedures
Review and reinforce your fund transfer and payment procedures to identify areas that may be vulnerable. This could include requiring additional verification for people or businesses outside your own organisation before a payment, or a change to payment details, is accepted.
4 Limit users
Reduce or limit the number of people that can authorise financial transfers and payments. The fewer people with the ability to carry out these tasks, the lower your risk of compromise becomes.
5 Review procedures for supplier/customer account set up
Take a close look at the procedures in place for setting up new supplier and customer accounts. How do you verify their details and address? Review how you handle any changes they request, particularly to bank details, to ensure that the request is genuine.
Time to review your cyber risk?
If you would like a business risk review, we’d be more than happy to help. We can look at all areas of your business including your vulnerability to cyberattacks and create a programme of covers that are best suited to your needs. Call us today on 01480 272727 and speak to one of our friendly, expert advisers.
Find out more about Cyber Liability Insurance here.